public virtual TlsCipher GetCipher()
{
switch (selectedCipherSuite)
{
case CipherSuite.TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA:
case CipherSuite.TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA:
case CipherSuite.TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA:
return(cipherFactory.CreateCipher(context, EncryptionAlgorithm.cls_3DES_EDE_CBC, DigestAlgorithm.SHA));
case CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA:
case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA:
case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA:
return(cipherFactory.CreateCipher(context, EncryptionAlgorithm.AES_128_CBC, DigestAlgorithm.SHA));
case CipherSuite.TLS_SRP_SHA_WITH_AES_256_CBC_SHA:
case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA:
case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA:
return(cipherFactory.CreateCipher(context, EncryptionAlgorithm.AES_256_CBC, DigestAlgorithm.SHA));
default:
/*
* Note: internal error here; the TlsProtocolHandler verifies that the
* server-selected cipher suite was in the list of client-offered cipher
* suites, so if we now can't produce an implementation, we shouldn't have
* offered it!
*/
throw new TlsFatalAlert(AlertDescription.internal_error);
}
}
public override TlsCipher GetCipher()
{
int encryptionAlgorithm = TlsUtilities.GetEncryptionAlgorithm(mSelectedCipherSuite);
int macAlgorithm = TlsUtilities.GetMacAlgorithm(mSelectedCipherSuite);
return(mCipherFactory.CreateCipher(mContext, encryptionAlgorithm, macAlgorithm));
}
public static TlsCipher AssignCipher(byte[] preMasterSecret, bool client, Version version, HandshakeInfo handshakeInfo)
{
int encryptionAlgorithm = GetEncryptionAlgorithm(handshakeInfo.CipherSuite);
int macAlgorithm = GetMACAlgorithm(handshakeInfo.CipherSuite);
TlsContext context = new DTLSContext(client, version, handshakeInfo);
SecurityParameters securityParameters = context.SecurityParameters;
byte[] seed = Concat(securityParameters.ClientRandom, securityParameters.ServerRandom);
string asciiLabel = ExporterLabel.master_secret;
handshakeInfo.MasterSecret = TlsUtilities.PRF(context, preMasterSecret, asciiLabel, seed, 48);
//session.Handshake.MasterSecret = TlsUtilities.PRF_legacy(preMasterSecret, asciiLabel, seed, 48);
#if DEBUG
Console.Write("MasterSecret :");
WriteToConsole(handshakeInfo.MasterSecret);
#endif
seed = Concat(securityParameters.ServerRandom, securityParameters.ClientRandom);
byte[] key_block = TlsUtilities.PRF(context, handshakeInfo.MasterSecret, ExporterLabel.key_expansion, seed, 96);
//byte[] key_block = TlsUtilities.PRF_legacy(session.Handshake.MasterSecret, ExporterLabel.key_expansion, seed, 96);
#if DEBUG
Console.Write("Key block :");
WriteToConsole(key_block);
#endif
return(CipherFactory.CreateCipher(context, encryptionAlgorithm, macAlgorithm));
}
public static TlsCipher AssignCipher(byte[] preMasterSecret, bool client, Version version, HandshakeInfo handshakeInfo)
{
if (preMasterSecret == null)
{
throw new ArgumentNullException(nameof(preMasterSecret));
}
if (version == null)
{
throw new ArgumentNullException(nameof(version));
}
if (handshakeInfo == null)
{
throw new ArgumentNullException(nameof(handshakeInfo));
}
TlsContext context = new DTLSContext(client, version, handshakeInfo);
var securityParameters = context.SecurityParameters;
var seed = securityParameters.ClientRandom.Concat(securityParameters.ServerRandom).ToArray();
var asciiLabel = ExporterLabel.master_secret;
handshakeInfo.MasterSecret = TlsUtilities.IsTlsV11(context) ?
TlsUtilities.PRF_legacy(preMasterSecret, asciiLabel, seed, 48)
: TlsUtilities.PRF(context, preMasterSecret, asciiLabel, seed, 48);
seed = securityParameters.ServerRandom.Concat(securityParameters.ClientRandom).ToArray();
var key_block = TlsUtilities.IsTlsV11(context) ?
TlsUtilities.PRF_legacy(handshakeInfo.MasterSecret, ExporterLabel.key_expansion, seed, 96)
: TlsUtilities.PRF(context, handshakeInfo.MasterSecret, ExporterLabel.key_expansion, seed, 96);
return(_CipherFactory
.CreateCipher(context, _GetEncryptionAlgorithm(handshakeInfo.CipherSuite), _GetMACAlgorithm(handshakeInfo.CipherSuite)));
}